Tampa Bay Medical News: Understanding FIPA - New State Law is Unique, Broader and Stricter than Similar Data Breach Laws

October 14, 2014:



Tampa Bay Medical News quotes Tatiana Melnik in their article discussing Florida's new data breach law, which is stricter than the data breach laws in other states and shortens the data breach notification time frame for those collecting data from Florida residents.

"'[FIPA] is rather unique among the various states and, arguably, is stricter than similar data breach laws in other states,' said Tatiana Melnik, a Tampa healthcare attorney, focusing on healthcare information technology (HIT), and licensed to practice law in Florida and Michigan. "Additionally, the law is broad in application, covering almost all businesses that have customers in Florida or that maintain 'personal information' about Florida residents. The law also requires that companies use 'reasonable measures' to secure data, without defining ‘reasonable measures.'"

"Even though statute provisions are similar to data breach laws in other states, FIPA defines covered personal information differently. If a breach occurs, the organization has 30 days to notify affected individuals – once the breach has been discovered."

"'Those in the healthcare space will be familiar with the term 'covered entity' but note that this provision covers every organization—beyond just healthcare—that acquires, maintains, stores, or uses personal information,' said Melnik. 'The definition of personal information is quite broad and includes social security numbers, healthcare information, health insurance policy number, credit card numbers, and a user name or e-mail address, in combination with a password or security question and answer that would permit access to an online account.'"

To learn more about FIPA, please read our blog post - Florida Governor Signs New Data Breach Law Requiring All Businesses to Implement Security Controls


Tampa Bay Medical News reports on changes in laws and business that impact Tampa Bay medical providers - Read the full article here: Understanding FIPA - New State Law is Unique, Broader and Stricter than Similar Data Breach Laws
Does your company need assistance with FIPA compliance? Do you need help understanding whether FIPA applies to your organization? Or do you need assistance with data breach reporting?

We can help either on a project by project basis or as outside counsel.

Please contact us!

Stay up to date with industry and legal developments. Sign up now to receive our updates!

View our Privacy Policy.

Subscribe by entering your e-mail below: